<?php

/*
	[Discuz!] (C)2001-2009 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$Id: logging.php 20592 2009-10-10 06:37:56Z monkey $
*/

// Script-level constants, set before common.inc.php is loaded.
// NOTE(review): presumably read by the shared bootstrap; confirm there.
define('NOROBOT', true);
define('CURSCRIPT', 'bindding');

require_once './include/common.inc.php';
require_once DISCUZ_ROOT.'./include/misc.func.php';
require_once DISCUZ_ROOT.'./include/login.func.php';
require_once DISCUZ_ROOT.'./uc_client/client.php';
require_once DISCUZ_ROOT.'./include/renren.func.php';


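if($action == 'renrenBindDiscuz') {
	// Binds the Renren identity named by the "<apikey>_user" cookie to a Discuz! account.
	// The first request renders the login form; the submitted form is checked by userlogin()
	// and, on success, the renren_discuz row for that Renren id is pointed at the account.

	// A falsy logincheck() result ends the request with the 'login_strike' message.
	if(!($loginperm = logincheck())) {
		showmessage('login_strike');
	}

	// The 2 flag in $seccodestatus requests a security code on this form.
	$seccodecheck = $seccodestatus & 2;
	$seccodescript = '';

	// With a configured failure threshold, the security code is demanded only when this IP
	// has a failedlogins row at or above the threshold updated within the last 900 seconds.
	if($seccodecheck && $seccodedata['loginfailedcount']) {
		$seccodecheck = $db->result_first("SELECT count(*) FROM {$tablepre}failedlogins WHERE ip='$onlineip' AND count>='$seccodedata[loginfailedcount]' AND $timestamp-lastupdate<=900");
		$seccodescript = '<script type="text/javascript" reload="1">if($(\'seccodelayer\').innerHTML == \'\') ajaxget(\'logging.php?action=seccode\', \'seccodelayer\');</script>';
	}

	if(!submitcheck('loginsubmit', 1, $seccodecheck)) {
		// No valid submission yet: prepare the variables the 'login' template reads.
		$discuz_action = 6;

		$referer = dreferer();

		// The statement is terminated here; it previously ran on into the next assignment.
		$thetimenow = '(GMT '.($timeoffset > 0 ? '+' : '').$timeoffset.') '.
			dgmdate("$dateformat $timeformat", $timestamp + $timeoffset * 3600);

		$styleselect = '';
		$query = $db->query("SELECT styleid, name FROM {$tablepre}styles WHERE available='1'");
		while($styleinfo = $db->fetch_array($query)) {
			$styleselect .= "<option value=\"$styleinfo[styleid]\">$styleinfo[name]</option>\n";
		}

		$cookietimecheck = !empty($_DCOOKIE['cookietime']) ? 'checked="checked"' : '';

		if($seccodecheck) {
			// Square-bracket offset: the curly-brace string offset form is rejected by PHP 8.
			$seccode = random(6, 1) + $seccode[0] * 1000000;
		}

		$username = !empty($_DCOOKIE['loginuser']) ? htmlspecialchars($_DCOOKIE['loginuser']) : '';
		include template('login');

	} else {
		// Refuse when the submitted user name already has an active binding (tag set).
		// $username goes into the query as-is; the stripslashes() call in the failure path
		// below suggests it arrives slash-escaped. NOTE(review): confirm in common.inc.php.
		// NOTE(review): this lookup runs before userlogin(), so the 'have_bind_renren'
		// reply is produced without any password check.
		$tag = $db->fetch_first("SELECT crd.tag FROM {$tablepre}renren_discuz crd,{$tablepre}members mem WHERE crd.dzuid =mem.uid and mem.username='$username' ");
		if($tag && $tag["tag"]){
			showmessage('have_bind_renren', 'connect_setting.php');
		}
		$result = userlogin();
		if($result > 0) {
			// The Renren id is read from a request cookie, so it is escaped before it reaches SQL.
			// NOTE(review): escaping does not authenticate the value. No verification of this
			// cookie is visible in this file; confirm the Renren session is validated server-side
			// before the binding is written, otherwise the requester chooses which xnuid row
			// gets attached to the account.
			$renren_uid = isset($_COOKIE[$apikey."_user"]) ? addslashes((string) $_COOKIE[$apikey."_user"]) : '';

			// $discuz_uid is presumably set by userlogin(); verify against login.func.php.
			$db->query("UPDATE {$tablepre}renren_discuz SET dzuid='$discuz_uid',tag='1' WHERE xnuid='$renren_uid'");

			$ucsynlogin = $allowsynlogin ? uc_user_synlogin($discuz_uid) : '';
			if(!empty($inajax)) {

				// NOTE(review): unserialize() is unsafe on request-controlled data. The origin of
				// $msgforward is not visible here; confirm it can only come from site settings.
				$msgforward = unserialize($msgforward);
				$mrefreshtime = intval($msgforward['refreshtime']) * 1000;
				include_once DISCUZ_ROOT.'./forumdata/cache/cache_usergroups.php';
				$usergroups = $_DCACHE['usergroups'][$groupid]['grouptitle'];
				$message = 1;
				global $db,$tablepre,$discuz_uid,$groupid,$tid,$extra,$action;
					updatesession();
					dheader("location:connect_setting.php");
			} else {

				// Group 8 returns to the plain settings page; every other group continues
				// with the second binding step (bindType=rbd2).
				if($groupid == 8) {
					global $db,$tablepre,$discuz_uid,$groupid,$tid,$extra,$action;
					updatesession();
					dheader("location:connect_setting.php");
				} else {

					global $db,$tablepre,$discuz_uid,$groupid,$tid,$extra,$action;
					updatesession();
					dheader("location:connect_setting.php?bindType=rbd2");
				}
			}

		} else{
			// Failed login: mask the middle of the attempted password, log the attempt, count
			// the failure and report it.
			// NOTE(review): the first quarter and last sixth of the attempted password are
			// still written to 'illegallog'; treat that log as sensitive.
			$password = preg_replace("/^(.{".round(strlen($password) / 4)."})(.+?)(.{".round(strlen($password) / 6)."})$/s", "\\1***\\3", $password);
			$errorlog = dhtmlspecialchars(
				$timestamp."\t".
				($ucresult['username'] ? $ucresult['username'] : stripslashes($username))."\t".
				$password."\t".
				($secques ? "Ques #".intval($questionid) : '')."\t".
				$onlineip);
			writelog('illegallog', $errorlog);
			loginfailed($loginperm);
			// A uid of '-3' selects one of the security-question messages; anything else is 'login_invalid'.
			$fmsg = $ucresult['uid'] == '-3' ? (empty($questionid) || $answer == '' ? 'login_question_empty' : 'login_question_invalid') : 'login_invalid';
			showmessage($fmsg, 'connect_setting.php');
		}

	}

}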

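elseif($action == 'renrenBindDiscuz2') {
	// Second step of the Renren -> Discuz! binding: copies avatar, gender, birthday, hometown
	// and the Renren profile link into the member rows of $discuz_uid, then redirects.
	// NOTE(review): this branch changes stored profile data, yet no submitcheck()/formhash
	// test and no check that $discuz_uid belongs to a logged-in member appear in it.

	// Request cookie: escaped because it is embedded in the profile URL stored below.
	// NOTE(review): escaping does not prove the cookie is genuine; confirm it is verified elsewhere.
	$renren_uid = isset($_COOKIE[$apikey."_user"]) ? addslashes((string) $_COOKIE[$apikey."_user"]) : '';
	$user_info = rr_get_user_info();

	if($renrenheadurl) {
		// Avatar URLs come from the Renren API response.
		// NOTE(review): any URL validation would be inside upload_avatar(), which is not visible here.
		$headurl_with_logo = $user_info->headurl_with_logo;
		$tinyurl_with_logo = $user_info->tinyurl_with_logo;
		if(!empty($headurl_with_logo)) {
			upload_avatar($discuz_uid,$headurl_with_logo,"middle");
		}
		if(!empty($tinyurl_with_logo)) {
			upload_avatar($discuz_uid,$tinyurl_with_logo,"small");
		}
	}

	// A Renren sex of '0' is stored as gender '2'.
	// NOTE(review): the discuzBindRenren2 branch stores '3' for the same input; confirm which is intended.
	$sex = $user_info->sex;
	if($sex === '0') {
		$sex = '2';
	}

	// Fields from the remote API response are untrusted text and are escaped before SQL use.
	$sex = addslashes((string) $sex);
	$birthday = addslashes((string) $user_info->birthday);

	$db->query("UPDATE {$tablepre}members SET gender='$sex',bday='$birthday' WHERE uid='$discuz_uid'");

	// Create the memberfields row if it is missing, so the UPDATE below has a row to change.
	$fieldUid = $db->result_first("SELECT uid FROM {$tablepre}memberfields WHERE uid='$discuz_uid'");
	if(!$fieldUid) {
		$db->query("REPLACE INTO {$tablepre}memberfields (uid) VALUES ('$discuz_uid')");
	}

	$location = addslashes($user_info->hometown_location->province.$user_info->hometown_location->city);
	$renren_profile = 'http://www.renren.com/profile.do?id='.$renren_uid;
	$db->query("UPDATE {$tablepre}memberfields SET location='$location',renren_profile='$renren_profile'  WHERE uid='$discuz_uid'");
	dheader("location:connect_setting.php");
}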
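elseif($action == 'renrenUnBindDiscuz') {
	// Clears the binding of the Renren id named by the "<apikey>_user" cookie, then signs the
	// browser in as the account the row falls back to (defdzuid once tag is '0').
	// NOTE(review): the auth cookie issued below is for whichever account is mapped to
	// $renren_uid, and $renren_uid comes from a request cookie. Unless that cookie is verified
	// elsewhere (nothing in this file does so), this grants a session for an account the
	// requester has not proven ownership of. No submitcheck()/formhash test appears here either.

	// Escaped because it is interpolated into the two queries below.
	$renren_uid = isset($_COOKIE[$apikey."_user"]) ? addslashes((string) $_COOKIE[$apikey."_user"]) : '';

	$db->query("UPDATE {$tablepre}renren_discuz SET dzuid=null,tag='0' WHERE xnuid='$renren_uid'");
	$result = $db->fetch_first("SELECT CASE tag WHEN '1' THEN dzuid WHEN '0' THEN defdzuid END AS dz_uid FROM {$tablepre}renren_discuz WHERE xnuid = '$renren_uid' ");
	if(!$result) {
		dheader("location:connect_setting.php");
	}

	// Explicit assignment instead of extract(): only the selected column becomes a variable.
	$dz_uid = $result['dz_uid'];

	$member = $db->fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques FROM {$tablepre}members m WHERE m.uid='$dz_uid'");
	if(!$member) {
		showmessage('', 'connect_setting.php');
	}

	// Same four names the query aliases define, assigned explicitly rather than via extract().
	$discuz_uid = $member['discuz_uid'];
	$discuz_user = $member['discuz_user'];
	$discuz_pw = $member['discuz_pw'];
	$discuz_secques = $member['discuz_secques'];

	$ucsynlogin = $allowsynlogin ? uc_user_synlogin($discuz_uid) : '';

	// Cookie lifetime is taken from the form, forced to an integer.
	$cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : 0);
	dsetcookie('cookietime', $cookietime, 31536000);
	// The auth cookie carries the stored password value, security question and uid, encoded by authcode().
	dsetcookie('auth', authcode("$discuz_pw\t$discuz_secques\t$discuz_uid", 'ENCODE'), $cookietime, 1, true );
	dsetcookie('loginuser');
	dsetcookie('activationauth');
	dsetcookie('pmnum');
	global $db,$tablepre,$discuz_uid,$groupid,$tid,$extra,$action;
	updatesession();
	dheader("location:connect_setting.php");
}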
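elseif($action == 'discuzBindRenren') {
	// Binds the current Discuz! account ($discuz_uid) to the Renren id named by the
	// "<apikey>_user" cookie, registering that id first when it has no renren_discuz row.
	// NOTE(review): no submitcheck()/formhash test and no check that $discuz_uid is a
	// logged-in member appear in this branch, and the Renren id is taken from a request
	// cookie; confirm that cookie is verified before a binding is written.

	// Escaped because it is interpolated into SQL and handed to rr_register().
	// NOTE(review): rr_register() is not visible here; confirm how it treats this value.
	$renren_uid = isset($_COOKIE[$apikey."_user"]) ? addslashes((string) $_COOKIE[$apikey."_user"]) : '';
	setcookie("converseBind",'1', time()+3600*24);

	// One lookup answers both questions: does a row exist, and is it already bound?
	$binding = $db->fetch_first("SELECT tag FROM {$tablepre}renren_discuz  WHERE  xnuid ='$renren_uid'");
	if($binding && $binding["tag"]) {
		showmessage('have_bind_discuz', 'connect_setting.php');
	}

	if(!$binding) {
		rr_register($db,$renren_uid);
	}
	$db->query("UPDATE {$tablepre}renren_discuz SET dzuid='$discuz_uid',tag='1'  WHERE xnuid='$renren_uid'");

	dheader("location:connect_setting.php?bindType=dbr2");
}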

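elseif($action == 'discuzBindRenren2') {
	// Second step of the Discuz! -> Renren binding: optionally copies the avatar ($renrenheadurl)
	// and profile fields ($renrenData) from Renren, always stores the Renren profile link, then redirects.
	// NOTE(review): this branch changes stored profile data, yet no submitcheck()/formhash
	// test and no check that $discuz_uid belongs to a logged-in member appear in it.

	// Request cookie: escaped because it is embedded in the profile URL stored below.
	// NOTE(review): escaping does not prove the cookie is genuine; confirm it is verified elsewhere.
	$renren_uid = isset($_COOKIE[$apikey."_user"]) ? addslashes((string) $_COOKIE[$apikey."_user"]) : '';
	$user_info = rr_get_user_info();

	if($renrenheadurl) {
		// Avatar URLs come from the Renren API response.
		// NOTE(review): any URL validation would be inside upload_avatar(), which is not visible here.
		$headurl_with_logo = $user_info->headurl_with_logo;
		$tinyurl_with_logo = $user_info->tinyurl_with_logo;
		if(!empty($headurl_with_logo)) {
			upload_avatar($discuz_uid,$headurl_with_logo,"middle");
		}
		if(!empty($tinyurl_with_logo)) {
			upload_avatar($discuz_uid,$tinyurl_with_logo,"small");
		}
	}

	if($renrenData) {
		// A Renren sex of '0' is stored as gender '3'.
		// NOTE(review): the renrenBindDiscuz2 branch stores '2' for the same input; confirm which is intended.
		$sex = $user_info->sex;
		if($sex === '0') {
			$sex = '3';
		}

		// Fields from the remote API response are untrusted text and are escaped before SQL use.
		$sex = addslashes((string) $sex);
		$birthday = addslashes((string) $user_info->birthday);
		$db->query("UPDATE {$tablepre}members set gender='$sex',bday='$birthday' where uid='$discuz_uid'");

		// Create the memberfields row if it is missing, so the UPDATE below has a row to change.
		$fieldUid = $db->result_first("SELECT uid FROM {$tablepre}memberfields WHERE uid='$discuz_uid'");
		if(!$fieldUid) {
			$db->query("REPLACE INTO {$tablepre}memberfields (uid) VALUES ('$discuz_uid')");
		}

		$location = addslashes($user_info->hometown_location->province.$user_info->hometown_location->city);
		$db->query("UPDATE {$tablepre}memberfields SET location='$location'  WHERE uid='$discuz_uid'");
	}

	$renren_profile = 'http://www.renren.com/profile.do?id='.$renren_uid;
	$db->query("UPDATE {$tablepre}memberfields SET renren_profile='$renren_profile'  WHERE uid='$discuz_uid'");
	dheader("location:connect_setting.php");
}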

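elseif($action == 'discuzUnBindRenren') {
	// Removes the active Renren binding (tag='1') of the current Discuz! account, then redirects.
	// NOTE(review): no submitcheck()/formhash test appears in this branch, so the unbind is
	// triggered by the action value alone.
	$rruid = $db->fetch_first("SELECT xnuid as rruid FROM {$tablepre}renren_discuz WHERE dzuid ='$discuz_uid' and tag='1'");

	// Only touch the table when a binding was found; with no row the UPDATE would otherwise
	// run against xnuid=''. The stored id is escaped before it is reused in SQL.
	if($rruid) {
		$renren_uid = addslashes((string) $rruid["rruid"]);
		$db->query("UPDATE {$tablepre}renren_discuz SET dzuid=null,tag='0' WHERE xnuid='$renren_uid'");
	}
	dheader("location:connect_setting.php");
}
else {
	// Any other action value is rejected.
	showmessage('undefined_action');
}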

?>